Boosting Adversarial Robustness Using Feature Level Stochastic Smoothing
Abstract
Advances in adversarial defenses have led to a significant improvement in the robustness of Deep Neural Networks. However, the robust accuracy of present state-of-the-art defenses is far from the requirements in critical applications such as robotics and autonomous navigation systems. Further, in practical use cases, network prediction alone might not suffice, and assignment of a confidence value for the prediction can prove crucial. In this work, we propose a generic method for introducing stochasticity in the network predictions, and utilize this for smoothing decision boundaries and rejecting low confidence predictions, thereby boosting the robustness on accepted samples. The proposed Feature Level Stochastic Smoothing based classification also results in a boost in robustness without rejection over existing adversarial training methods. Finally, we combine the proposed method with adversarial detection methods, to achieve the benefits of both approaches.
Cite
Text
Addepalli et al. "Boosting Adversarial Robustness Using Feature Level Stochastic Smoothing." IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, 2021. doi:10.1109/CVPRW53098.2021.00019Markdown
[Addepalli et al. "Boosting Adversarial Robustness Using Feature Level Stochastic Smoothing." IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, 2021.](https://mlanthology.org/cvprw/2021/addepalli2021cvprw-boosting/) doi:10.1109/CVPRW53098.2021.00019BibTeX
@inproceedings{addepalli2021cvprw-boosting,
title = {{Boosting Adversarial Robustness Using Feature Level Stochastic Smoothing}},
author = {Addepalli, Sravanti and Jain, Samyak and Sriramanan, Gaurang and Babu, R. Venkatesh},
booktitle = {IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops},
year = {2021},
pages = {93-102},
doi = {10.1109/CVPRW53098.2021.00019},
url = {https://mlanthology.org/cvprw/2021/addepalli2021cvprw-boosting/}
}